From 4e7585c7a062c44078f509bc37a0801723169ea4 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 19 Aug 2004 13:07:49 +0000 Subject: [PATCH] r1918: revert the passdb.c change; fix typos in release notes; add guenther's fix for pam_winbind --- WHATSNEW.txt | 22 ++++++++++++---------- source/nsswitch/winbindd_pam.c | 2 +- source/passdb/passdb.c | 26 +++++++------------------- 3 files changed, 20 insertions(+), 30 deletions(-) diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 45f47c12c30..8aea1b6bd31 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,6 +1,6 @@ ============================= Release Notes for Samba 3.0.6 - Aug 18, 2004 + Aug 19, 2004 ============================= This is the latest stable release of Samba. This is the version @@ -52,7 +52,7 @@ New features introduced in this release include: unix extensions = yes (default) and symlinks -------------------------------------------- -Beginning with Samba 3.0.6pre1 (formally known as 3.0.5pre1), +Beginning with Samba 3.0.6pre1 (formerly known as 3.0.5pre1), clients supporting the UNIX extensions to the CIFS protocol can create symlinks to absolute paths which will be **followed** by the server. This functionality has been requested in order @@ -86,7 +86,7 @@ following attributes from access by non-administrative users: * sambaPasswordHistory You should refer to your directory server's documentation on how -to implement this restriction). +to implement this restriction. ###################################################################### @@ -115,17 +115,19 @@ o Gerald (Jerry) Carter * Tighten the cache consistency with the ntprinters.tdb entry an the in memory cache associated with open printer handles. * Make sure that register_messages_flags() doesn't overwrite - the originally registers flags. + the originally registered flags. + + +o Guenther Deschner + * Correct infinite loop in pam_winbind's verification of + group membership in the 'other sids' field in the user_info3 + struct. o Steve French * prevent infinite recusion in reopen_logs() when expanding the smb.conf variable %I. -o Luke Howard - * Correctly use uid_to_sid() and gid_to_sid() in - pdb_set_sam_sids(). - o Volker Lendecke * Improved NT->AFS ACL mapping VFS module. @@ -138,12 +140,12 @@ o Lars Mueller o James Peach * Prevent smbd from attempting to use sendfile at all if it is not supported by the server's OS. - * Allow SWAT to search for index.html when searving html files + * Allow SWAT to search for index.html when serving html files in a directory. o Jelmer Vernooij - * BUG 1474: Fix build of --with-expsma stuff on Solaris. + * BUG 1474: Fix build of --with-expsam stuff on Solaris. Changes since 3.0.5 diff --git a/source/nsswitch/winbindd_pam.c b/source/nsswitch/winbindd_pam.c index 81d4e69ccd6..03947de8750 100644 --- a/source/nsswitch/winbindd_pam.c +++ b/source/nsswitch/winbindd_pam.c @@ -123,7 +123,7 @@ static NTSTATUS check_info3_in_group(TALLOC_CTX *mem_ctx, http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp */ - for (i = 0; i < info3->num_other_sids; j++) { + for (i = 0; i < info3->num_other_sids; i++) { sid_copy(&all_sids[info3->num_groups2 + i + 2], &info3->other_sids[j].sid); j++; diff --git a/source/passdb/passdb.c b/source/passdb/passdb.c index 14c8c67aa3c..743978919b6 100644 --- a/source/passdb/passdb.c +++ b/source/passdb/passdb.c @@ -190,9 +190,7 @@ static NTSTATUS pdb_set_sam_sids(SAM_ACCOUNT *account_data, const struct passwd const char *guest_account = lp_guestaccount(); GROUP_MAP map; BOOL ret; - DOM_SID user_sid; - DOM_SID group_sid; - + if (!account_data || !pwd) { return NT_STATUS_INVALID_PARAMETER; } @@ -200,7 +198,7 @@ static NTSTATUS pdb_set_sam_sids(SAM_ACCOUNT *account_data, const struct passwd /* this is a hack this thing should not be set this way --SSS */ if (!(guest_account && *guest_account)) { - DEBUG(1, ("pdb_set_sam_sids: NULL guest account!?!?\n")); + DEBUG(1, ("NULL guest account!?!?\n")); return NT_STATUS_UNSUCCESSFUL; } else { /* Ensure this *must* be set right */ @@ -215,13 +213,8 @@ static NTSTATUS pdb_set_sam_sids(SAM_ACCOUNT *account_data, const struct passwd } } - if (NT_STATUS_IS_OK(uid_to_sid(&user_sid, pwd->pw_uid))) { - if (!pdb_set_user_sid(account_data, &user_sid, PDB_SET)) { - DEBUG(0,("pdb_set_sam_sids: Can't set User SID from mapped UID\n")); - return NT_STATUS_INVALID_PARAMETER; - } - } else if (!pdb_set_user_sid_from_rid(account_data, algorithmic_pdb_uid_to_user_rid(pwd->pw_uid), PDB_SET)) { - DEBUG(0,("pdb_set_sam_sids: Can't set User SID from RID!\n")); + if (!pdb_set_user_sid_from_rid(account_data, algorithmic_pdb_uid_to_user_rid(pwd->pw_uid), PDB_SET)) { + DEBUG(0,("Can't set User SID from RID!\n")); return NT_STATUS_INVALID_PARAMETER; } @@ -232,18 +225,13 @@ static NTSTATUS pdb_set_sam_sids(SAM_ACCOUNT *account_data, const struct passwd if( ret ) { if (!pdb_set_group_sid(account_data, &map.sid, PDB_SET)){ - DEBUG(0,("pdb_set_sam_sids: Can't set Group SID!\n")); + DEBUG(0,("Can't set Group SID!\n")); return NT_STATUS_INVALID_PARAMETER; } } else { - if (NT_STATUS_IS_OK(gid_to_sid(&group_sid, pwd->pw_gid))) { - if (!pdb_set_group_sid(account_data, &group_sid, PDB_SET)) { - DEBUG(0,("pdb_set_sam_sids: Can't set Group SID from mapped GID\n")); - return NT_STATUS_INVALID_PARAMETER; - } - } else if (!pdb_set_group_sid_from_rid(account_data, pdb_gid_to_group_rid(pwd->pw_gid), PDB_SET)) { - DEBUG(0,("pdb_set_sam_sids: Can't set Group SID\n")); + if (!pdb_set_group_sid_from_rid(account_data, pdb_gid_to_group_rid(pwd->pw_gid), PDB_SET)) { + DEBUG(0,("Can't set Group SID\n")); return NT_STATUS_INVALID_PARAMETER; } } -- 2.11.4.GIT